exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-07-09

Zoom X4 / X5 SQL Injection / Authentication Bypass
Posted Jul 9, 2013
Authored by Kyle Lovett

Zoom X4 and X5 modems suffers from authentication bypass and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, bypass
MD5 | 1ebc290010ab974e321dc5238cc5abb9
Microsoft Security Bulletin Summary For July, 2013
Posted Jul 9, 2013
Site microsoft.com

This bulletin summary lists 7 released Microsoft security bulletins for July, 2013.

tags | advisory
MD5 | c3968edd279bd7a119a71775b17fa263
Poor Man's Security Lab
Posted Jul 9, 2013
Authored by Josh Clark | Site chimera-security.com

Whitepaper called the Poor Man's Security Lab. It provides walk throughs for setting up various virtualized hosts.

tags | paper
MD5 | 7c4ed974e3c015235163ad7103ca9e4a
Linux 3.10 libceph Null Pointer Dereference
Posted Jul 9, 2013
Authored by Chanam Park

Linux kernel versions up to 3.10 suffer from a libceph null pointer dereference vulnerability.

tags | advisory, kernel
systems | linux
advisories | CVE-2013-1059
MD5 | 161878afaf9e715dd0170963351e634a
Ubuntu Security Notice USN-1902-1
Posted Jul 9, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1902-1 - William (B.J.) Snow Orvis discovered that Ruby incorrectly verified the hostname in SSL certificates. An attacker could trick Ruby into trusting a rogue server certificate, which was signed by a trusted certificate authority, to perform a man-in-the-middle attack.

tags | advisory, ruby
systems | linux, ubuntu
advisories | CVE-2013-4073
MD5 | 2aec7e4cf62e3bd89c06a071da52f93d
DASDEC Root SSH Key
Posted Jul 9, 2013
Authored by Mike Davis | Site ioactive.com

IOActive Security Advisory - DASDEC-I and DASDEC-II from Digital Alert Systems (DAS), which are used in the Emergency Alert System, have an embedded root ssh key that enables an attacker to transmit false emergency information over a large geographic area.

tags | exploit, root
MD5 | e4491b73b2eb6d646acbb5cf26154145
Apache CXF 2.5.10 / 2.6.7 / 2.7.4 Denial Of Service
Posted Jul 9, 2013
Authored by A. Falkenberg, Joerg Schwenk, Juraj Somorovsky, Christian Mainka | Site sec-consult.com

Apache CXF versions prior to 2.5.10, 2.6.7, and 2.7.4 suffer from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2013-2160
MD5 | 85738f7bcec5f32ca063072b762ff471
Technical Cyber Security Alert 2013-190A
Posted Jul 9, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-190A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
MD5 | 94b8b79c71f2a42b95d8cf9568e8158f
Red Hat Security Advisory 2013-1028-01
Posted Jul 9, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1028-01 - Fuse ESB Enterprise, based on Apache ServiceMix, provides an integration platform. This release of Fuse ESB Enterprise 7.1.0 roll up patch 1 is an update to Fuse ESB Enterprise 7.1.0 and includes bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-5575, CVE-2013-0269, CVE-2013-1821, CVE-2013-2160
MD5 | f390322ad5b1ff1d0ce4f456dde6b902
Digital Whisper Electronic Magazine #43
Posted Jul 9, 2013
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 43. Written in Hebrew.

tags | magazine
MD5 | 7d9e6c6618f810f50225aae504c23fbe
Red Hat Security Advisory 2013-1026-01
Posted Jul 9, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1026-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the way UTF-8 characters were converted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's FAT file system implementation. A local user able to mount a FAT file system with the "utf8=1" option could use this flaw to crash the system or, potentially, to escalate their privileges.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2013-1773, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848
MD5 | 7c3f7cdb73eb8f3a2496539dd908ddd2
Joomla Attachments Shell Upload
Posted Jul 9, 2013
Authored by Stars Hacking Team

Joomla Attachments component suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | db734a733bef2bf4c804e5b5f7da7489
ERS Viewer 2013 ERS File Handling Buffer Overflow
Posted Jul 9, 2013
Authored by James Fitts, juan vazquez | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability found in ERS Viewer 2013. The vulnerability exists in the module ermapper_u.dll, where the function rf_report_error handles user provided data in a insecure way. It results in arbitrary code execution under the context of the user viewing a specially crafted .ers file. This Metasploit module has been tested successfully with ERS Viewer 2013 (versions 13.0.0.1151) on Windows XP SP3 and Windows 7 SP1.

tags | exploit, overflow, arbitrary, code execution
systems | windows, xp, 7
advisories | CVE-2013-3482, OSVDB-93650
MD5 | 353adb4184511741811b4ec14f78a159
OATH Toolkit 2.2.0
Posted Jul 9, 2013
Site nongnu.org

OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: This release adds functions for creating PSKC data to libpskc. In liboath, it permits different passwords for different tokens for the same user. It improves building from git with the most recent automake and gengetopt. Valgrind is not enabled by default. The liboath header file is usable from C++ (extern "C" guard).
tags | tool
systems | unix
MD5 | 2afc64577936a1a79cff72b0718c9636
Ubuntu Security Notice USN-1901-1
Posted Jul 9, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1901-1 - Timothy D. Morgan discovered that Raptor would unconditionally load XML external entities. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could possibly obtain access to arbitrary files on the user's system or potentially execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, arbitrary, xxe
systems | linux, ubuntu
advisories | CVE-2012-0037
MD5 | 91c3288fc26865e4c0c0c79ea26aabae
Sanewall 1.1.4
Posted Jul 9, 2013
Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

Changes: "sanewall save" now creates two files, which is what most init systems expect. "sanewall status" now identifies which blocks are IPv6 or IPv4. "sanewall condrestart" now follows convention by only restarting if already running. Various programs and files are now detected at configure-time rather than run-time.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 47d350a962fe74282bbe4b320b20d41d
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close